CVE Details
CVE-2026-58644
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Published: 2026-07-16
CVSS: 9.8 CRITICAL
Product: Microsoft SharePoint
Due Date: 2026-07-19
Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.
GitHub PoC
Warning: GitHub PoC repositories are unverified. Some may be fake
or contain malware. Use caution and review code before running anything.
No GitHub PoC data.
FIRST EPSS
EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.
Timeline
CVE Stalker
KEV
MITRE
GitHub
FIRST (EPSS)
MITRE
CVSS
SSVC
References
Show Raw Data
| Key | Remaining Key | Value |
|---|---|---|
| dataType | CVE_RECORD | |
| dataVersion | 5.2 | |
| cveMetadata > | cveId | CVE-2026-58644 |
| cveMetadata > | assignerOrgId | f38d906d-7342-40ea-92c1-6c4a2c6478c8 |
| cveMetadata > | state | PUBLISHED |
| cveMetadata > | assignerShortName | microsoft |
| cveMetadata > | dateReserved | 2026-07-01T21:14:44.618Z |
| cveMetadata > | datePublished | 2026-07-14T17:05:37.431Z |
| cveMetadata > | dateUpdated | 2026-07-16T15:14:30.910Z |
| containers > | cna > title | Microsoft SharePoint Remote Code Execution Vulnerability |
| containers > | cna > datePublic | 2026-07-14T14:00:00.000Z |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > operator | OR |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > negate | False |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > vulnerable | True |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > criteria | cpe:2.3:a:microsoft:sharepoint_server_2016:*:*:*:*:enterprise:*:*:* |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > versionStartIncluding | 16.0.0 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > versionEndExcluding | 16.0.5556.1005 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > vulnerable | True |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > criteria | cpe:2.3:a:microsoft:sharepoint_server_2019:*:*:*:*:*:*:*:* |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > versionStartIncluding | 16.0.0 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > versionEndExcluding | 16.0.10417.20153 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > vulnerable | True |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > criteria | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:* |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > versionStartIncluding | 16.0.0 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > versionEndExcluding | 16.0.19725.20384 |
| containers > | cna > affected > 0 > vendor | Microsoft |
| containers > | cna > affected > 0 > product | Microsoft SharePoint Enterprise Server 2016 |
| containers > | cna > affected > 0 > platforms > 0 | x64-based Systems |
| containers > | cna > affected > 0 > versions > 0 > version | 16.0.0 |
| containers > | cna > affected > 0 > versions > 0 > lessThan | 16.0.5556.1005 |
| containers > | cna > affected > 0 > versions > 0 > versionType | custom |
| containers > | cna > affected > 0 > versions > 0 > status | affected |
| containers > | cna > affected > 1 > vendor | Microsoft |
| containers > | cna > affected > 1 > product | Microsoft SharePoint Server 2019 |
| containers > | cna > affected > 1 > platforms > 0 | x64-based Systems |
| containers > | cna > affected > 1 > versions > 0 > version | 16.0.0 |
| containers > | cna > affected > 1 > versions > 0 > lessThan | 16.0.10417.20153 |
| containers > | cna > affected > 1 > versions > 0 > versionType | custom |
| containers > | cna > affected > 1 > versions > 0 > status | affected |
| containers > | cna > affected > 2 > vendor | Microsoft |
| containers > | cna > affected > 2 > product | Microsoft SharePoint Server Subscription Edition |
| containers > | cna > affected > 2 > platforms > 0 | x64-based Systems |
| containers > | cna > affected > 2 > versions > 0 > version | 16.0.0 |
| containers > | cna > affected > 2 > versions > 0 > lessThan | 16.0.19725.20384 |
| containers > | cna > affected > 2 > versions > 0 > versionType | custom |
| containers > | cna > affected > 2 > versions > 0 > status | affected |
| containers > | cna > descriptions > 0 > value | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network. |
| containers > | cna > descriptions > 0 > lang | en-US |
| containers > | cna > problemTypes > 0 > descriptions > 0 > description | CWE-502: Deserialization of Untrusted Data |
| containers > | cna > problemTypes > 0 > descriptions > 0 > lang | en-US |
| containers > | cna > problemTypes > 0 > descriptions > 0 > type | CWE |
| containers > | cna > problemTypes > 0 > descriptions > 0 > cweId | CWE-502 |
| containers > | cna > providerMetadata > orgId | f38d906d-7342-40ea-92c1-6c4a2c6478c8 |
| containers > | cna > providerMetadata > shortName | microsoft |
| containers > | cna > providerMetadata > dateUpdated | 2026-07-15T22:23:27.760Z |
| containers > | cna > references > 0 > name | Microsoft SharePoint Remote Code Execution Vulnerability |
| containers > | cna > references > 0 > tags > 0 | vendor-advisory |
| containers > | cna > references > 0 > tags > 1 | patch |
| containers > | cna > references > 0 > url | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58644 |
| containers > | cna > metrics > 0 > format | CVSS |
| containers > | cna > metrics > 0 > scenarios > 0 > lang | en-US |
| containers > | cna > metrics > 0 > scenarios > 0 > value | GENERAL |
| containers > | cna > metrics > 0 > cvssV3_1 > version | 3.1 |
| containers > | cna > metrics > 0 > cvssV3_1 > baseSeverity | CRITICAL |
| containers > | cna > metrics > 0 > cvssV3_1 > baseScore | 9.8 |
| containers > | cna > metrics > 0 > cvssV3_1 > vectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
| containers > | adp > 0 > metrics > 0 > other > type | ssvc |
| containers > | adp > 0 > metrics > 0 > other > content > timestamp | 2026-07-16T15:14:24.171527Z |
| containers > | adp > 0 > metrics > 0 > other > content > id | CVE-2026-58644 |
| containers > | adp > 0 > metrics > 0 > other > content > options > 0 > Exploitation | none |
| containers > | adp > 0 > metrics > 0 > other > content > options > 1 > Automatable | yes |
| containers > | adp > 0 > metrics > 0 > other > content > options > 2 > Technical Impact | total |
| containers > | adp > 0 > metrics > 0 > other > content > role | CISA Coordinator |
| containers > | adp > 0 > metrics > 0 > other > content > version | 2.0.3 |
| containers > | adp > 0 > title | CISA ADP Vulnrichment |
| containers > | adp > 0 > providerMetadata > orgId | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| containers > | adp > 0 > providerMetadata > shortName | CISA-ADP |
| containers > | adp > 0 > providerMetadata > dateUpdated | 2026-07-16T15:14:30.910Z |